We have installed Windows Server 2008 R2 Server running Remote Desktop Services. We also have configured RemoteApp to host several of our "oddball" apps. We are attempting to "lockdown" the terminal sessions to minimize potential security issues and make the "terminal experience" as seamless for our end users as possible.
As a test app, we terminalized Notepad++ just to see how it would look and feel. When our test end user runs the app, we were able to get it to log in automatically (single sign on) and avoid the dreaded digital signature warning. Also, we got the local drives and printers redirected. So far so good.
Our problem is now that when we log in our test user and try to save a file (or open one), they are presented with the open or save dialog boxes that allow them to save/search through the local drives. Without causing too much disruption for administrators who need to regularly access this machine, is there a way that we can "lockdown" the terminal services sessions? I don't want them to have the ability of saving files locally or searching through the local drives, however, I need for them to be able to access the RemoteApp program and files. I've seen some documentation around the 2000ish time frame that are quite old and of limited use.